Data breaches such as Cambridge Analytica have generated increasing pressure to regulate Silicon Valley tech firms, and California Gov. Jerry Brown last week signed the strictest privacy bill ever achieved in the U.S.
The proposed law, effective in 2020, will impact almost all major business, but large tech firms are the target of the bill, Reuters reported.
Companies including Facebook and Uber Technologies play a growing role in online communications and commerce. Google and other big companies opposed the measure as too much of a burden.
Gov. Brown on Thursday signed the California Consumer Privacy Act into law, setting tough new restrictions on how Facebook, Google and other tech giants handle Californians’ personal data.
“California has always been a bellwether for where rest of the country is going on tech policy and tech legislation,” said Nuala O’Connor, president of the Center for digital rights group Democracy and Technology, in a Washington Post report. “If the people there are saying, ‘We demand more control, insight and transparency about how our data is collected and used,’ that’s a very important signal to the rest of the country.”
Under the new law, tech companies will be required to:
By the time the law goes into effect, it could look very different from the way it looks today. It will be fine-tuned, subject to aggressive lobbying from corporate opponents such as Facebook, AT&T and others.
There’s discussion among federal lawmakers about crafting national privacy rules, according to the Washington Post.
But inaction at the federal level is partly why California is taking this step, said Harley Geiger, director of public policy at the data security firm Rapid7. “There should be broad realization that if federal inertia persists, we could well see a situation on privacy and security in the states.”
“Wow. The passage of California’s new privacy law #AB375 – by unanimous vote – is the clearest rebuke I’ve seen of Big Tech’s spying ways,” Geoffrey A. Fowler, The Washington Post’s technology columnist, tweeted.
California passes new privacy law — where the federal government repeatedly fails, the states are acting https://t.co/If8Y93tIhe
— Tim Wu (@superwuster) June 29, 2018
California privacy law will have 'unintended consequences': Google – The California Consumer Privacy Act of 2018 could have sweeping ramifications for tech companies when it takes effect in 2020 https://t.co/tWsB9bmkC9 #GDPR #Privacy #DataProtection
— Bill Mew (@BillMew) July 2, 2018
Businesses buck new #California #data privacy law: https://t.co/IqlJw4MSNC
— PYMNTS (@pymnts) July 2, 2018
A committee opposed to the ballot initiative received $200,000 each from Google, Facebook, AT&T, Verizon Communications and Comcast, according to California financial disclosures.
The Internet Association, which includes Google and Facebook, said it opposed the final bill’s “many problematic provisions” but “will not obstruct or block AB 375 from moving forward, because it prevents (an) even worse ballot initiative from becoming law in California.” Bloomberg reported.
Non-tech sector including the National Retail Federation, had concerns. The law is “objectionable on many levels,” and puts retail services such as restocking and loyalty programs at risk, said, David French, an executive for the Washington-based lobbying group.
Cambridge Analytica, a U.K. data firm with ties to President Donald Trump’s campaign, got data on millions of Facebook users without their consent, prompting calls for stricter privacy laws.